Home » Technology » Hackers exploit the vulnerability in Zimbra For Password Stealing

Hackers exploit the vulnerability in Zimbra For Password Stealing

For months there have been reports of vulnerabilities in Zimbra’s email platform. Now it has become known that one of these vulnerabilities is being actively exploited to steal passwords undetected. That reports that Bleeping Computer Online Magazine.

Hackers are therefore already on the hunt for vulnerable entities that have not yet installed the security updates that are already available and thus are unprotected against data theft.

Security update available

The vulnerability in Zimbra in question, CVE-2022-27824, was discovered in March by SonarSource security researchers. In May, the software manufacturer then released two security patches (ZCS 9.0.0 Patch 24.1 and ZCS 8.8.15 Patch 31.1) in response. The vulnerability is classified as very dangerous. It allows an unauthenticated attacker to steal plain text email account information from Zimbra Collaboration instances without any user interaction. The vulnerability allows hackers to trick the software into forwarding all IMAP traffic when a legitimate user tries to log in.

According to the software vendor, Zimbra Collaboration is used by more than 200,000 companies and 1,000 government agencies and organizations in some 140 countries. In the US, the Agency for Cybersecurity and Infrastructure Security (CISA) now officially warned about the vulnerability. As a result, all federal authorities in the US are required to import the available security updates by August 25, 2022.

As CISA’s latest warning shows, the security updates that have been available for nearly three months have so far been underused. Hackers are now trying to find vulnerable instances, attack them and steal data.

Nicole Craig

Media coordinator and junior editor at Research Snipers RS-NEWS, I studied mass communication and interested technology business, I have 3 years experience in the media industry.